vpnj012k

ticketer

skf-flask

Security Knowledge Framework (SKF) Python Flask / Angular project

circleci-demo-python-flask

A demo application to learn how to use CircleCI

ember-cli-mirage

An Ember Addon to easily add Mirage JS to your Ember app.

berglas

A tool for managing secrets on Google Cloud

nodejs-ex

web-blog-vault

to demo a flask python app talking to mongodb and using dynamic secrets with vault using the API

DASTProxy

NodeGoat

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

RoboBurp2

Robot Framework Library for BurpSuite 2.X

bandit

Bandit is a tool designed to find common security issues in Python code.

pycharm-security

Finds security holes in your Python projects from PyCharm and GitHub

security-scripts

A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)

Tiredful-API

An intentionally designed broken web application based on REST API.

image-hub

terragoat

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

PyGoat

A Python-based web platform for education in web vulnerabilities

circleci-demo-python-django

Example Django application running on CircleCI

keywhiz

A system for distributing and managing secrets

cicd

This repo demonstrates how to use CyberArk Conjur to secure CI/CD pipeline

osm

Open Service Mesh (OSM) is a lightweight, extensible, cloud native service mesh that allows users to uniformly manage, secure, and get out-of-the-box observability features for highly dynamic microservice environments.

envkey-app

Secure, human-friendly, cross-platform secrets and config.

vault-guides

Example usage of HashiCorp Vault secrets management

security-unit-testing

This is a repository containing example code for how you can use unit tests to protect against security regression.

vapi

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios in the means of Exercises.

DevSecOps-MaturityModel

WebGoat

WebGoat is a deliberately insecure application

kubeaudit

kubeaudit helps you audit your Kubernetes clusters against common security controls

ansible-for-kubernetes

Ansible and Kubernetes examples from Ansible for Kubernetes Book

threagile

Agile Threat Modeling Toolkit